Microsoft says Chinese hackers exploited breach in corporate email system

    A cyber espionage group linked to China has remotely looted mailboxes using flaws recently discovered in Microsoft’s server software.

    The information was released last Tuesday (2) by the company and external researchers, and gives an example of how commonly used programs can be exploited to cast a wide net online.

    Microsoft said the hackers’ action made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it calls HAFNIUM, which it described as an entity sponsored by China, but which operates outside the country.

    In a separate publication, cybersecurity company Volexity said that in January it saw hackers use one of the vulnerabilities to remotely steal “the entire contents of multiple user mailboxes”.

    All they needed to know was the details of the Exchange server and the account they wanted to loot, said Volexity. Microsoft has already released fixes for the flaws.

    Exchange is Microsoft's email server software, used for corporate or student email accounts.

    “Exchange Server is used primarily by corporate customers, and we have no evidence that hackers’ activities target individual consumers or that these attacks have an impact on other Microsoft products,” said Tom Burt, corporate vice president at Microsoft.

    China is opposed to all forms of cyber attacks, China’s Foreign Ministry spokesman Wang Wenbin told a news conference in Beijing on Wednesday.

    “China wants the media and relevant companies to take a professional and responsible attitude and base the characterizations of cyber attacks on ample evidence, rather than unfounded assumptions and accusations,” he said.

    Before Microsoft’s announcement, hackers’ increasingly aggressive movements began to attract the attention of the cybersecurity community.

    Mike McLellan, director of intelligence at Secureworks at Dell Technologies, said that prior to Microsoft’s announcement he noticed a sudden spike in Exchange server activity on Sunday night, with about 10 of his company's customers affected.

    Microsoft’s suite of products has come under scrutiny since the attack on SolarWinds, the Texas-based software company that served as a springboard for various government and private sector intrusions.

    In other cases, hackers have taken advantage of the way customers have configured their Microsoft services to compromise their targets or to dive further into the affected networks.

    The hackers who pursued SolarWinds also breached Microsoft itself, accessing and downloading source code – including elements of Exchange, the company’s email and calendar product.

    McLellan said that, for the time being, the hacking activity he saw seemed focused on planting malicious software and preparing the ground for a potentially deeper intrusion, rather than moving aggressively into networks right away.

    “We haven’t seen any subsequent activity yet,” he said. “We will find many companies affected, but fewer companies actually exploited.”

    Microsoft said the targets include infectious disease researchers, law firms, higher education institutions, defense companies, policy think tanks and non-governmental groups.
